Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2014-2067
Reference:
CVE-2014-2067
Title:
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:
Cross-site scripting (XSS) vulnerability in java/hudson/model/Cause.java in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to inject arbitrary web script or HTML via a quotremote cause note.quot